Common Tasks

Recent Posts

Community

Email Notifications

Personal Links

Archives

Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

DLL Hijacking Vulnerability - Microsoft creates tool to control DLL loading

This tool provides a temporary mitigation of risks until a more comprehensive solution emerges

QUOTE: Another option for protecting your systems is to deploy a tool that can help prevent exploitation of this issue. Knowledge Base article 2264107 offers for download a tool that allows customers to selectively change the library loading behavior, either system-wide or for specific applications

The update allows the administrator to define the following on a system-wide or a per-application basis:

* Remove the current working directory from the library search path.
* Prevent an application from loading a library from a WebDAV location.
* Prevent an application from loading a library from both a WebDAV, as well as a remote UNC location.

Microsoft's Mitigation resources and DLL Control tool
http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx
http://sunbeltblog.blogspot.com/2010/08/microsoft-releases-workaround-tool-for.html

DOWNLOAD FOR SPECIAL TOOL
http://support.microsoft.com/kb/2264107

DLL Hijacking Vulnerability - Additional Information
http://msmvps.com/blogs/harrywaldron/archive/2010/08/27/dll-hijacking-vulnerability-over-40-popular-applications-have-exploits-built.aspx

Posted: Aug 28 2010, 09:23 AM by Harry Waldron | with no comments